CVE-2022-1304 vulnerability in docker image #3726

p-l-l · 2022-04-22T12:13:56Z

p-l-l
Apr 22, 2022

Recently detected this vulnerability on image mcr.microsoft.com/dotnet/aspnet:6.0

Introduced by:
e2fsprogs/[email protected]
e2fsprogs/[email protected]
krb5/[email protected]+deb11u1

Just wanted to let you know, thanks for any feedback if there are plans on fixing this

mthalman · 2022-04-22T12:50:16Z

mthalman
Apr 22, 2022
Maintainer

It doesn't look like there's even a fix available at this time for Debian. From https://security-tracker.debian.org/tracker/CVE-2022-1304:

Even if there was a fix available, it's the base image, debian:bullseye-slim, that contains this package. So we need to wait until it's available in that image. Once it's fixed there, it'll naturally flow to the .NET images that depend on that base image as part of our auto-rebuilding workflow.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2022-1304 vulnerability in docker image #3726

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

CVE-2022-1304 vulnerability in docker image #3726

Uh oh!

p-l-l Apr 22, 2022

Replies: 1 comment

Uh oh!

mthalman Apr 22, 2022 Maintainer

p-l-l
Apr 22, 2022

mthalman
Apr 22, 2022
Maintainer